CBD Industries, LLC

The California Office of the Attorney General disclosed a data breach affecting CBD Industries, LLC, occurring on multiple dates between March 30, 2020, and May 18, 2020. The incident exposed sensitive customer information, including names, addresses, email addresses, account numbers, expiration dates, card security codes (CVV), and bank account numbers. Such data, if misused, could facilitate financial fraud, identity theft, or unauthorized transactions, posing significant risks to affected individuals. The breach highlights vulnerabilities in the company’s data protection measures, potentially eroding customer trust and triggering regulatory scrutiny. While the exact method of compromise (e.g., phishing, system exploitation) was not specified, the exposure of payment card details and banking information suggests a severe lapse in safeguarding high-value financial data. The incident underscores the critical need for robust cybersecurity frameworks to prevent unauthorized access to sensitive customer records.

Source: https://oag.ca.gov/ecrime/databreach/reports/sb24-194582

TPRM report: https://www.rankiteo.com/company/purmedgloballlc

"id": "pur019090625",
"linkid": "purmedgloballlc",
"type": "Breach",
"date": "3/2020",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"

{'affected_entities': [{'location': 'California, USA',
                        'name': 'CBD Industries, LLC',
                        'type': 'Private Company'}],
 'data_breach': {'personally_identifiable_information': True,
                 'sensitivity_of_data': 'High',
                 'type_of_data_compromised': ['Personal Identifiable '
                                              'Information (PII)',
                                              'Financial Information']},
 'date_publicly_disclosed': '2020-09-29',
 'description': 'The California Office of the Attorney General reported a data '
                'breach involving CBD Industries, LLC on September 29, 2020. '
                'The breach occurred on multiple dates: March 30, 2020, May 8, '
                '2020, May 14, 2020, and May 18, 2020, potentially exposing '
                'names, addresses, email addresses, account numbers, '
                'expiration dates, card security codes, and bank account '
                'numbers.',
 'impact': {'data_compromised': ['names',
                                 'addresses',
                                 'email addresses',
                                 'account numbers',
                                 'expiration dates',
                                 'card security codes',
                                 'bank account numbers'],
            'identity_theft_risk': 'High',
            'payment_information_risk': 'High'},
 'references': [{'date_accessed': '2020-09-29',
                 'source': 'California Office of the Attorney General'}],
 'regulatory_compliance': {'regulatory_notifications': 'California Office of '
                                                       'the Attorney General'},
 'title': 'Data Breach at CBD Industries, LLC',
 'type': 'Data Breach'}

CBD Industries, LLC

Grafana: Grafana GitHub Token Breach Led to Codebase Download and Extortion Attempt

Reqrea: Millions Of Hotel Guests' IDs Left Open Online In Massive Security Blunder

THORChain: More than $10 million stolen from crypto platform THORChain